I'm using a password script that I got here on EE last year. A copy of it is posted in the dir http://www.fishhead.com/scripts/password/
as "index-cgi.txt. The way it works now is I put the index.cgi in the directory I want to protect. The source code for the hidden page is in my cgi-bin. If the user enters the correct password, the hidden page is presented. If the wrong password is entered they get an error.html page which is also in my cgi-bin. The script records the invalid passwords in a log file.
What I want to change is for the invalid entries to be shown in the error.html page so the user can actually see their input. That way they know if they just made a simple typo and can try again. Something along the lines of:
The password \"$theinput\" you have entered is invalid.
I also want to add the date of the invalid attempt to the log file. I want to modify the entry line to read something like:
T) tried to get by the script.